hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 07:36:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,442 Commits 1,703 Branches 162 Tags
3b60a1c3bce290da5deab1e7d5347ccb89c5b99f
Commit Graph

40442 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tony Torralba
3b60a1c3bc Add change note 2022-06-20 12:07:31 +02:00
Tony Torralba
2b2fa6e15b Add taint step for String.valueOf(Editable) 
Kotlin inlines expr.toString() as String.valueOf(expr) when expr is nullable
 2022-06-20 12:07:31 +02:00
Mathias Vorreiter Pedersen
edf0be0854 Merge pull request #9611 from MathiasVP/swift-nomagic-get-location 
Swift: Add `nomagic` to `getLocation`
 2022-06-20 10:42:45 +01:00
Mathias Vorreiter Pedersen
57abd4af89 Merge pull request #9612 from MathiasVP/fix-other-constructor-decl-ref-expr-to-string 
Swift: Fix 'toString' on 'OtherConstructorDeclRefExpr'
 2022-06-20 10:17:15 +01:00
Mathias Vorreiter Pedersen
12d27ec580 Swift: Modify 'toString' in 'OtherConstructorDeclRefExpr' to properly reflect that it's a reference and not a call. 2022-06-20 09:59:23 +01:00
AlexDenisov
af379da7e6 Merge pull request #9321 from github/alexdenisov/xref-decls 
Swift: do not duplicate 'external' declarations
 2022-06-20 10:43:05 +02:00
Mathias Vorreiter Pedersen
068ac2b80e Swift: Add 'nomagic' to 'getLocation'. 2022-06-20 09:41:06 +01:00
Paolo Tranquilli
a91c94c38b Swift: temporarily disable failing test 2022-06-20 10:32:19 +02:00
Paolo Tranquilli
1f53b7fbe8 Merge main into alexdenisov/xref-decls 2022-06-20 10:25:29 +02:00
Rasmus Wriedt Larsen
ae44a941f9 Merge pull request #9421 from RasmusWL/inline-brackets 
Inline Expectation Tests: Allow `tag[foo bar]`
 2022-06-20 10:01:19 +02:00
Tamás Vajk
be2dfffb76 Merge pull request #9564 from tamasvajk/fix/diagnostic-query-metadata 
C#: Change `kind` query metadata to `diagnostic` for compiler/extractor errors and messages
 2022-06-20 09:02:35 +02:00
Jeroen Ketema
a4ecb7b4e9 Merge pull request #9473 from ton31337/fix/missing_closing 
doc: Add missing closing bracket in basic-query-for-cpp-code
 2022-06-20 08:38:35 +02:00
Erik Krogh Kristensen
a5e789c72b Merge pull request #9537 from github/dependabot/cargo/ql/crossbeam-utils-0.8.8 
Bump crossbeam-utils from 0.8.5 to 0.8.8 in /ql
 2022-06-18 15:44:34 +02:00
Erik Krogh Kristensen
02b9745eb6 Merge pull request #9538 from github/dependabot/cargo/ql/regex-1.5.5 
Bump regex from 1.5.4 to 1.5.5 in /ql
 2022-06-18 15:44:10 +02:00
Taus
3a328f6a3f Merge pull request #6570 from yoff/python/broaden-noqa-regex 
Python: Broaden noqa regex to allow comments
 2022-06-17 23:56:39 +02:00
Rasmus Wriedt Larsen
b65a10d1ef Inline Expectation Tests: sync 2022-06-17 17:38:19 +02:00
Rasmus Wriedt Larsen
5fb41e4894 Inline Expectation Tests: Disallow tag[[[foo bar] 2022-06-17 17:36:04 +02:00
Chris Smowton
a7993fb455 Merge pull request #9577 from smowton/smowton/fix/go-mod-tidy-vendoring 
Go autobuilder: don't attempt a go mod tidy when there's a vendor directory present
 2022-06-17 15:26:59 +01:00
Erik Krogh Kristensen
84556fb93b Merge pull request #9575 from erik-krogh/paramModules 
QL: support for parameterized modules
 2022-06-17 15:07:48 +02:00
Chris Smowton
92b8c0f864 Merge pull request #9563 from smowton/smowton/fix/name-trap-files-after-jvmnames 
Kotlin: Name trap files after jvmnames
 2022-06-17 12:32:28 +01:00
Erik Krogh Kristensen
80f66779fb fixup Definitions.qll 2022-06-17 11:27:07 +02:00
Erik Krogh Kristensen
13b743643e everything is a TypeRef, some TypeRefs just resolve to a module 2022-06-17 11:22:04 +02:00
Alex Ford
5923eb4962 Merge pull request #9566 from alexrford/ruby/activerecord-findby-dynamic 
Ruby: recognize ActiveRecord `find_by_x` methods
 2022-06-17 09:39:46 +01:00
Nick Rolfe
cac53b5163 Merge pull request #9588 from github/dependabot/cargo/ruby/thread_local-1.1.4 
Bump thread_local from 1.1.3 to 1.1.4 in /ruby
 2022-06-17 09:28:24 +01:00
Nick Rolfe
5f61c0c0b3 Merge pull request #9587 from github/dependabot/cargo/ql/thread_local-1.1.4 
Bump thread_local from 1.1.3 to 1.1.4 in /ql
 2022-06-17 09:27:51 +01:00
Erik Krogh Kristensen
2b5af15d80 comments about what we resolve, and remove a debug comment 2022-06-17 09:09:58 +02:00
Anders Schack-Mulligen
99343c4606 Merge pull request #9582 from igfoo/igfoo/tidy 
Java: Remove some redundant string concatenations, and a double space
 2022-06-17 09:02:05 +02:00
Harry Maclean
230192df3b Merge pull request #9267 from hmac/hmac/improper-memoization 
Ruby: Add Improper Memoization query
 2022-06-17 16:31:55 +12:00
dependabot[bot]
583ab492f9 Bump thread_local from 1.1.3 to 1.1.4 in /ruby 
Bumps [thread_local](https://github.com/Amanieu/thread_local-rs) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/Amanieu/thread_local-rs/releases)
- [Commits](https://github.com/Amanieu/thread_local-rs/compare/v1.1.3...1.1.4)

---
updated-dependencies:
- dependency-name: thread_local
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-17 01:44:43 +00:00
dependabot[bot]
e456cdb5dc Bump thread_local from 1.1.3 to 1.1.4 in /ql 
Bumps [thread_local](https://github.com/Amanieu/thread_local-rs) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/Amanieu/thread_local-rs/releases)
- [Commits](https://github.com/Amanieu/thread_local-rs/compare/v1.1.3...1.1.4)

---
updated-dependencies:
- dependency-name: thread_local
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-17 01:42:18 +00:00
Erik Krogh Kristensen
96eacd0ea6 disable consistency checks in QL tests that does not hold with the current parameterized modules implementation 2022-06-16 23:10:09 +02:00
Erik Krogh Kristensen
e557f233d7 mark the implements of a module as being alive 2022-06-16 23:03:06 +02:00
Erik Krogh Kristensen
cf89faead0 just use TypeExpr to resolve modules 2022-06-16 22:55:11 +02:00
Erik Krogh Kristensen
dce817ec4b resolve calls to all instantiations of a signature predicate 2022-06-16 22:55:11 +02:00
Erik Krogh Kristensen
2a7a0f398a add support for signature modules (warning: ugly commit) 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
98690c8a2e add support for class signatures in parameterized modules 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
e5d3a8fe90 add callgraph test for signature predicates 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
20c9222e23 use explicit this 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
744e2db152 fix the parser to allow lower-case module names 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
55b6f073c2 resolve calls to signature predicates 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
f25c4c5fdf add consistency test that parents are unique (and fix non-unique parents) 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
14b5f8410f move the consistency predicates where they should be 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
4be969ca3b a bit of cleanup on SignatureExpr 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
6e7db2d37c hook up the pretty AST of a parameterized module 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
1caafb87f7 add type arguments of ModuleInstation to the pretty AST 2022-06-16 22:55:10 +02:00
Erik Krogh Kristensen
adc1466cab save the name of an instantiated module 2022-06-16 22:55:10 +02:00
Ian Lynagh
5ba672f035 NonSerializableField: Accept test output changes 2022-06-16 17:34:56 +01:00
Arthur Baars
e95194ce67 Merge pull request #9477 from thiggy1342/experimental-archive-api 
RB: Adding experimental query for detecting path traversal in Archive libraries
 2022-06-16 17:45:18 +02:00
Rasmus Wriedt Larsen
45af148f05 Merge pull request #9215 from RasmusWL/ruby-mad-argument-self 
Ruby: Fixes for `Argument[any,any-named]` in MaD
 2022-06-16 17:38:32 +02:00
Ian Lynagh
e7bc2ca423 Java: Remove some redundant string concatenations 2022-06-16 16:38:17 +01:00